CVE-2006-4074

Currently unrated

Key Information:

Vendor: Joomla
Status: Jd-wiki
Vendor: CVE Published:; 11 August 2006

Summary

PHP remote file inclusion vulnerability in lib/tpl/default/main.php in the JD-Wiki Component (com_jd-wiki) 1.0.2 and earlier for Joomla!, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

References

http://secunia.com/advisories/21389

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2006/3192

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/19373

vdb-entryx_refsource_BID

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 11, 2006
Vulnerability Reserved
Aug 10, 2006

Collectors

NVD DatabaseMitre Database